What’s new in RSA SecurID Access: July 2019 Cloud Authentication Service Release

Insight into Identity Confidence

With this latest release of RSA SecurID Access, organizations will be able to view up-to-date identity confidence analytics information through the Cloud Administration Console. The analytics page will provide information on how many users were deemed risky based on the Identity Confidence policies set by the organization and what factors contributed to that risky behavior across their user population.

Enable Auto-Push for RADIUS additional authentication Use Cases

When additional authentication is required for RADIUS clients, end-users can receive automatic push notifications (approve or biometrics) without any additional user interaction, providing a convenient end-user experience. This capability can be configured under the RADIUS configuration page in the cloud authentication console.

Enhanced security of FIDO token enrollment

Securely enroll FIDO based authenticators using the RSA SecurID Access My Page self-service portal. The My Page self-service enrollment portal allows organizations to protect FIDO registration with an access policy that is aligned with the organizations’ existing policies. Organizations will be able to optionally disable the FIDO token registration for their end-users which automatically occurs during user authentication and instead enable policy-protected enrollment through My Page.

Improved deployment options and supportability enhancements for the identity router

Flexible deployment options for identity routers. The identity router supports transparent, explicit, and man-in-the-middle proxy configurations. The identity router will inform if a non-RSA SSL proxy certificate is configured, and allow to temporarily accept the certificate and proceed while the administrator works with the network IT to whitelist the URL.

Identity router setup has been simplified. The proxy interface, which is not required for non-SSO deployments, is disabled by default in the Identity Router Setup Console. Enable as needed for SSO deployments.

Quickly identify potential problems that might occur while setting-up and monitoring identity routers using the improved status indicators in the Cloud Administration Console. The Platform > Identity Routers list page will provide more details on the status of each identity router and its dependent services, including the status of clusters, memory usage, CPU usage, and cloud connectivity

IP Address Changes - Please Plan in Advance!

To align with Microsoft Azure Resource Manager deployment model changes, the Cloud Authentication Service and Cloud Administration Console IP addresses will be changing in September 2019. Organization’s deployments must be able to connect to both new and old IP addresses in September 2019.

RSA recommends that you start planning with your organization now to make the necessary changes to connect to these new IP addresses. If the firewall rules are not updated with the new IP addresses, the identity routers will not be able to contact the Cloud Authentication Service. This will cause disruption in the service. For details, see Notice of Upcoming Cloud Authentication Service IP Address Changes.

RSA continues to strengthen its RSA SecurID Access Cloud Authentication Service with the July product release. For further details on all the new and updated capabilities of the July release, please refer to the Release Notes.